Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Voice Mails Found In Public Search Engine

Posted by timothy on from the wouldn't-mind-being-able-to-put-some-there dept.

bonch writes "Google Voice Mails have been discovered in Google's search engine, providing audio files, names, and phone number as if you were logged in and checking your own voice mail. Some appear to be test messages, while others are clearly not. Google has since disabled indexing of voice mails outside your own website."

3 of 145 comments (clear)

  1. The Real Problem is ... by itzfritz · · Score: 5, Interesting

    The real problem, IMO, is that Google Voice voicemails are world-readable to begin with. The only security is the URL scheme. If that can be reverse engineered, the privacy of all google voice users will be in danger. (fyi I have tested this myself. The url scheme is "https://www.google.com/voice/fm/20-digit account id/long b64 encoded binary string", and these urls can be viewed by unauthenticated users. Note the use of https; while no man in the middle will read my voicemail, the man on one end can ;)

  2. Re:User action? by geekboy642 · · Score: 4, Interesting

    You speak facetiously, of course, but spending the time and effort to setup your own email server is a very valuable exercise. And at the end, you get an email account with no limits. Want ridiculously tight spam filters? Easy. Want to send and receive 1GB email attachments? Your insanity can be catered to.

    And best of all, nobody is sitting there watching all of your emails and serving you ads based on what you're emailing about.

    --
    Just another "DOJ fascist authoritarian totalitarian bootlicker" -- Zeio
  3. Re:User action? by antifoidulus · · Score: 4, Interesting

    Actually it was 86.4 milliseconds, but when you are only expecting .0001% uptime, you cannot expect your service provider to be able to do arithmetic :P

    --
    Monstar L